Issued:: 2019-10-29
Updated:: 2019-10-29

RHSA-2019:3211 - Security Advisory

Overview
Updated Packages

Synopsis

Critical: chromium-browser security update

Type/Severity

Security Advisory: Critical

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.

Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Chromium is an open-source web browser, powered by WebKit (Blink).

This update upgrades Chromium to version 77.0.3865.120.

Security Fix(es):

chromium-browser: Use-after-free in media (CVE-2019-5870)
chromium-browser: Heap overflow in Skia (CVE-2019-5871)
chromium-browser: Use-after-free in Mojo (CVE-2019-5872)
chromium-browser: External URIs may trigger other browsers (CVE-2019-5874)
chromium-browser: URL bar spoof via download redirect (CVE-2019-5875)
chromium-browser: Use-after-free in media (CVE-2019-5876)
chromium-browser: Out-of-bounds access in V8 (CVE-2019-5877)
chromium-browser: Use-after-free in V8 (CVE-2019-5878)
chromium-browser: Use-after-free in offline pages (CVE-2019-13686)
chromium-browser: Use-after-free in media (CVE-2019-13688)
chromium-browser: Omnibox spoof (CVE-2019-13691)
chromium-browser: SOP bypass (CVE-2019-13692)
chromium-browser: Use-after-free in IndexedDB (CVE-2019-13693)
chromium-browser: Use-after-free in WebRTC (CVE-2019-13694)
chromium-browser: Use-after-free in audio (CVE-2019-13695)
chromium-browser: Use-after-free in V8 (CVE-2019-13696)
chromium-browser: Cross-origin size leak (CVE-2019-13697)
chromium-browser: Extensions can read some local files (CVE-2019-5879)
chromium-browser: SameSite cookie bypass (CVE-2019-5880)
chromium-browser: Arbitrary read in SwiftShader (CVE-2019-5881)
chromium-browser: URL spoof (CVE-2019-13659)
chromium-browser: Full screen notification overlap (CVE-2019-13660)
chromium-browser: Full screen notification spoof (CVE-2019-13661)
chromium-browser: CSP bypass (CVE-2019-13662)
chromium-browser: IDN spoof (CVE-2019-13663)
chromium-browser: CSRF bypass (CVE-2019-13664)
chromium-browser: Multiple file download protection bypass (CVE-2019-13665)
chromium-browser: Side channel using storage size estimate (CVE-2019-13666)
chromium-browser: URI bar spoof when using external app URIs (CVE-2019-13667)
chromium-browser: Global window leak via console (CVE-2019-13668)
chromium-browser: HTTP authentication spoof (CVE-2019-13669)
chromium-browser: V8 memory corruption in regex (CVE-2019-13670)
chromium-browser: Dialog box fails to show origin (CVE-2019-13671)
chromium-browser: Cross-origin information leak using devtools (CVE-2019-13673)
chromium-browser: IDN spoofing (CVE-2019-13674)
chromium-browser: Extensions can be disabled by trailing slash (CVE-2019-13675)
chromium-browser: Google URI shown for certificate warning (CVE-2019-13676)
chromium-browser: Chrome web store origin needs to be isolated (CVE-2019-13677)
chromium-browser: Download dialog spoofing (CVE-2019-13678)
chromium-browser: User gesture needed for printing (CVE-2019-13679)
chromium-browser: IP address spoofing to servers (CVE-2019-13680)
chromium-browser: Bypass on download restrictions (CVE-2019-13681)
chromium-browser: Site isolation bypass (CVE-2019-13682)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Chromium must be restarted for the changes to take effect.

Affected Products

Red Hat Enterprise Linux Server 6 x86_64
Red Hat Enterprise Linux Server 6 i386
Red Hat Enterprise Linux Workstation 6 x86_64
Red Hat Enterprise Linux Workstation 6 i386
Red Hat Enterprise Linux Desktop 6 x86_64
Red Hat Enterprise Linux Desktop 6 i386
Red Hat Enterprise Linux for Scientific Computing 6 x86_64

Fixes

BZ - 1762366 - CVE-2019-5870 chromium-browser: Use-after-free in media
BZ - 1762367 - CVE-2019-5871 chromium-browser: Heap overflow in Skia
BZ - 1762368 - CVE-2019-5872 chromium-browser: Use-after-free in Mojo
BZ - 1762370 - CVE-2019-5874 chromium-browser: External URIs may trigger other browsers
BZ - 1762371 - CVE-2019-5875 chromium-browser: URL bar spoof via download redirect
BZ - 1762372 - CVE-2019-13691 chromium-browser: Omnibox spoof
BZ - 1762373 - CVE-2019-13692 chromium-browser: SOP bypass
BZ - 1762374 - CVE-2019-5876 chromium-browser: Use-after-free in media
BZ - 1762375 - CVE-2019-5877 chromium-browser: Out-of-bounds access in V8
BZ - 1762376 - CVE-2019-5878 chromium-browser: Use-after-free in V8
BZ - 1762377 - CVE-2019-5879 chromium-browser: Extensions can read some local files
BZ - 1762378 - CVE-2019-5880 chromium-browser: SameSite cookie bypass
BZ - 1762379 - CVE-2019-5881 chromium-browser: Arbitrary read in SwiftShader
BZ - 1762380 - CVE-2019-13659 chromium-browser: URL spoof
BZ - 1762381 - CVE-2019-13660 chromium-browser: Full screen notification overlap
BZ - 1762382 - CVE-2019-13661 chromium-browser: Full screen notification spoof
BZ - 1762383 - CVE-2019-13662 chromium-browser: CSP bypass
BZ - 1762384 - CVE-2019-13663 chromium-browser: IDN spoof
BZ - 1762385 - CVE-2019-13664 chromium-browser: CSRF bypass
BZ - 1762386 - CVE-2019-13665 chromium-browser: Multiple file download protection bypass
BZ - 1762387 - CVE-2019-13666 chromium-browser: Side channel using storage size estimate
BZ - 1762388 - CVE-2019-13667 chromium-browser: URI bar spoof when using external app URIs
BZ - 1762389 - CVE-2019-13668 chromium-browser: Global window leak via console
BZ - 1762390 - CVE-2019-13669 chromium-browser: HTTP authentication spoof
BZ - 1762391 - CVE-2019-13670 chromium-browser: V8 memory corruption in regex
BZ - 1762392 - CVE-2019-13671 chromium-browser: Dialog box fails to show origin
BZ - 1762393 - CVE-2019-13673 chromium-browser: Cross-origin information leak using devtools
BZ - 1762394 - CVE-2019-13674 chromium-browser: IDN spoofing
BZ - 1762395 - CVE-2019-13675 chromium-browser: Extensions can be disabled by trailing slash
BZ - 1762396 - CVE-2019-13676 chromium-browser: Google URI shown for certificate warning
BZ - 1762397 - CVE-2019-13677 chromium-browser: Chrome web store origin needs to be isolated
BZ - 1762398 - CVE-2019-13678 chromium-browser: Download dialog spoofing
BZ - 1762399 - CVE-2019-13679 chromium-browser: User gesture needed for printing
BZ - 1762400 - CVE-2019-13680 chromium-browser: IP address spoofing to servers
BZ - 1762401 - CVE-2019-13681 chromium-browser: Bypass on download restrictions
BZ - 1762402 - CVE-2019-13682 chromium-browser: Site isolation bypass
BZ - 1762474 - CVE-2019-13688 chromium-browser: Use-after-free in media
BZ - 1762476 - CVE-2019-13686 chromium-browser: Use-after-free in offline pages
BZ - 1762518 - CVE-2019-13693 chromium-browser: Use-after-free in IndexedDB
BZ - 1762519 - CVE-2019-13694 chromium-browser: Use-after-free in WebRTC
BZ - 1762520 - CVE-2019-13695 chromium-browser: Use-after-free in audio
BZ - 1762521 - CVE-2019-13696 chromium-browser: Use-after-free in V8
BZ - 1762522 - CVE-2019-13697 chromium-browser: Cross-origin size leak

References

https://access.redhat.com/security/updates/classification/#critical

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 6

SRPM
x86_64
chromium-browser-77.0.3865.120-2.el6_10.x86_64.rpm	SHA-256: d43f53fe23e5da2470d722af66da233f21d2caa8c3ac4c69ff481e5961779820
chromium-browser-debuginfo-77.0.3865.120-2.el6_10.x86_64.rpm	SHA-256: ccccd8accf9e895dadbfb0bb7f26a55ad2dec2f7a86fbc54e2740614fd6d6295
i386
chromium-browser-77.0.3865.120-2.el6_10.i686.rpm	SHA-256: f1058574afe1bf3ff6dd70410bd955bd9a1d1ef6f150274069c0c0c00fce2708
chromium-browser-debuginfo-77.0.3865.120-2.el6_10.i686.rpm	SHA-256: ec47244afdaf314ada226da0096ffca2dc598a1ca7dfde27e65fc108abb2e5a7

Red Hat Enterprise Linux Workstation 6

SRPM
x86_64
chromium-browser-77.0.3865.120-2.el6_10.x86_64.rpm	SHA-256: d43f53fe23e5da2470d722af66da233f21d2caa8c3ac4c69ff481e5961779820
chromium-browser-debuginfo-77.0.3865.120-2.el6_10.x86_64.rpm	SHA-256: ccccd8accf9e895dadbfb0bb7f26a55ad2dec2f7a86fbc54e2740614fd6d6295
i386
chromium-browser-77.0.3865.120-2.el6_10.i686.rpm	SHA-256: f1058574afe1bf3ff6dd70410bd955bd9a1d1ef6f150274069c0c0c00fce2708
chromium-browser-debuginfo-77.0.3865.120-2.el6_10.i686.rpm	SHA-256: ec47244afdaf314ada226da0096ffca2dc598a1ca7dfde27e65fc108abb2e5a7

Red Hat Enterprise Linux Desktop 6

SRPM
x86_64
chromium-browser-77.0.3865.120-2.el6_10.x86_64.rpm	SHA-256: d43f53fe23e5da2470d722af66da233f21d2caa8c3ac4c69ff481e5961779820
chromium-browser-debuginfo-77.0.3865.120-2.el6_10.x86_64.rpm	SHA-256: ccccd8accf9e895dadbfb0bb7f26a55ad2dec2f7a86fbc54e2740614fd6d6295
i386
chromium-browser-77.0.3865.120-2.el6_10.i686.rpm	SHA-256: f1058574afe1bf3ff6dd70410bd955bd9a1d1ef6f150274069c0c0c00fce2708
chromium-browser-debuginfo-77.0.3865.120-2.el6_10.i686.rpm	SHA-256: ec47244afdaf314ada226da0096ffca2dc598a1ca7dfde27e65fc108abb2e5a7

Red Hat Enterprise Linux for Scientific Computing 6

SRPM
x86_64
chromium-browser-77.0.3865.120-2.el6_10.x86_64.rpm	SHA-256: d43f53fe23e5da2470d722af66da233f21d2caa8c3ac4c69ff481e5961779820
chromium-browser-debuginfo-77.0.3865.120-2.el6_10.x86_64.rpm	SHA-256: ccccd8accf9e895dadbfb0bb7f26a55ad2dec2f7a86fbc54e2740614fd6d6295

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation